Some of the intermediate certificates on the Sectigo/Comodo certification path are about to expire on May 30 at 10am UTC. Here you have Sectigo document: Sectigo AddTrust External CA Root Expiring May 30, 2020
If you relay on updated clients, you don't need to do anything, they will use their local trusted store and disregard whatever you are sending on the certificate chain, as a matter of fact, you can remove the expired certificates from the chain as they are no longer valid and reduce the amount of bytes you'll send on the TLS handshake.
The quick solution
But if you need to support legacy clients, that our testing shows that a PlayStation 4 is indeed a legacy system, you'll need to change the chain and replace the expired certificates with one of the AAA cross certificates
AAA Certificate Services - cross-certificates:
- AAA Certificate Services - USERTrust RSA Certification Authority - https://crt.sh/?id=1282303295
- AAA Certificate Services - USERTrust ECC Certification Authority - https://crt.sh/?id=1282303296
- AAA Certificate Services - Comodo RSA Certification Authority - https://crt.sh/?id=2545965608
- AAA Certificate Services - Comodo ECC Certification Authority - https://crt.sh/?id=2545966120
The "no compromises" solution
Or if you want to be sure to reach all your audience on a very legacy systems, for example old Samsung and LG Smart TVs, where AAA Certificate Services is not on their trusted store, as one of our customers faced, we have arranged a promotion with DigiCert to provide certificates signed without loosing any day on your current certificate. That's it, if you have one of the elegible certificates (Comodo/Sectigo is one of them), we will add any remaining time to the new certificate.
Let's say that your certificate has 6 months remaining, you'll pay for 1 year and the certificate will be signed for a year and a half. More details here: Switch to DigiCert SSL
As always, in case of any doubt, raise a ticket with us.